for display only
Big Blue Interactive The Corner Forum  
Back to the Corner

Archived Thread

NFT: Best Antivirus Software?

Professor Falken : 9/23/2024 11:08 am
I've been using Kaspersky for years with no problems, but they are now banned in the US. They want me to switch to their partner, UltraAV. The company that was working with Kaspersky here in the US wants me to switch to BitDefender. Any recommendations for either of these two or something else like Norton? I'd like something that offers extra protection for financial websites; banking, trading, etc.
Bitdefender  
widmerseyebrow : 9/23/2024 11:19 am : link
Top of the line effectiveness and doesn't bog down your computer resources like others do. I'd avoid Norton and McAfee like the plague.
RE: Bitdefender  
PatersonPlank : 9/23/2024 11:23 am : link
In comment 16621119 widmerseyebrow said:
Quote:
Top of the line effectiveness and doesn't bog down your computer resources like others do. I'd avoid Norton and McAfee like the plague.


What is wrong with McAfee?
RE: RE: Bitdefender  
widmerseyebrow : 9/23/2024 11:32 am : link
In comment 16621127 PatersonPlank said:
Quote:
In comment 16621119 widmerseyebrow said:


Quote:


Top of the line effectiveness and doesn't bog down your computer resources like others do. I'd avoid Norton and McAfee like the plague.



What is wrong with McAfee?


Garbage protection, hogs system resources, lots of false-positives. It's bloatware that gets shipped with a lot of new computers. Historically a pain in the ass to remove completely.
Sophos  
Gforce11 : 9/23/2024 11:48 am : link
I think is the best. I've had it on all 3 of my PCs at home and they offer a package for up to 5 (it might even be 10 now).


You don’t need one  
Jim in Fairfax : 9/23/2024 11:53 am : link
The built-in Microsoft Defender is plenty good enough. At one time it was very bare bones, but it’s been a full antivirus/antimalware product for some time.
Thanks  
Professor Falken : 9/23/2024 11:57 am : link
guys
I also use free Bitdefender.  
D HOS : 9/23/2024 12:11 pm : link
Free, I recommend Bitdefender and Avast.

Paid, I recommend Bitdefender, Avast and Malwarebytes.

Windows Defender is good for basic real time protection, but not as nuanced nor as comprehensive as other packages. But, if you don't need things like secure browsing, proxy/vpn, ad block, content filter, behavioral based process protection, then yes Defender does just fine at blocking file-based malware.

One tip about Defender. Usually when you install an anti-malware product ("endpoint protection" is the current term), it registers in Windows Security Center and Defender turns off. But this doesn't always work. So in that case, do check that Defender's real time scanning is turned off. You can't really remove or fully disable Defender, it's required for certain Windows core functionality, but you can be sure it is not "also" scanning files, while your current anti-malware does the same.

One other thought, anti-malware (no longer 'anti-virus') is shifting to "endpoint protection", whereby they no longer only (or at all) scan files in place, but rather scan processes that are executing, which may or may not be accessing files. So the protection becomes much broader and more comprehensive than just considering file based malware. This is especially effective for novel threats, and ones that don't involve files per-se.
Defender can be attacked...  
D HOS : 9/23/2024 12:15 pm : link
I watched a presentation at Black Hat last year where a researcher wrote a script that downloaded a Microsoft update for Defender, unpacked it, modified it to ignore signatures for certain malware, then "patch" Defender with that update. It worked. He then introduced that malware which was not detected, and he was able to create back door remote access, run other malicious code...

Then he did the opposite, he "patched" Defender to recognize many windows processes as "malware" and basically destroyed Windows, as everything Windows did was being blocked by Defender.

That is a typical Microsoft issue. More specialized anti-malware packages from established security companies likely do not have so basic a flaw.

Norton and McAfee, avoid those under all circumstances. They are bloated overpriced underperforming products marketed toward your grandparents who don't know any better.
RE: Sophos  
D HOS : 9/23/2024 12:16 pm : link
In comment 16621192 Gforce11 said:
Quote:
I think is the best. I've had it on all 3 of my PCs at home and they offer a package for up to 5 (it might even be 10 now).



Sophos is solid.
RE: Defender can be attacked...  
Jim in Fairfax : 9/23/2024 12:40 pm : link
In comment 16621248 D HOS said:
Quote:
I watched a presentation at Black Hat last year where a researcher wrote a script that downloaded a Microsoft update for Defender, unpacked it, modified it to ignore signatures for certain malware, then "patch" Defender with that update. It worked. He then introduced that malware which was not detected, and he was able to create back door remote access, run other malicious code...

Then he did the opposite, he "patched" Defender to recognize many windows processes as "malware" and basically destroyed Windows, as everything Windows did was being blocked by Defender.

That is a typical Microsoft issue. More specialized anti-malware packages from established security companies likely do not have so basic a flaw.

Norton and McAfee, avoid those under all circumstances. They are bloated overpriced underperforming products marketed toward your grandparents who don't know any better.

And Microsoft quickly patched Defender to eliminate that vulnerability. If you think the paid ones can’t be exploited you’re fooling yourself.
RE: Bitdefender  
US1 Giants : 9/23/2024 1:51 pm : link
In comment 16621119 widmerseyebrow said:
Quote:
Top of the line effectiveness and doesn't bog down your computer resources like others do. I'd avoid Norton and McAfee like the plague.


I have Bitdefender too and am happy with it. One tip is to keep track of the renew date and cancel right before. They gave me a big discount.

Avoid resource hogs like Norton.
BitDefender fan here  
ColHowPepper : 9/23/2024 2:06 pm : link
suite of products, can tailor, same software suite for devices of all kinds. Former IT exec friend of mine originally recommended Kaspersky but warned off it ~ four years ago and said go BD
No Love for Malwarebytes  
mvftw : 9/23/2024 2:07 pm : link
It's Good and Free (you can pay for it)...
RE: No Love for Malwarebytes  
Jim in Fairfax : 9/23/2024 2:36 pm : link
In comment 16621437 mvftw said:
Quote:
It's Good and Free (you can pay for it)...

It doesn’t provide any real-time protection. You can get infected, data stolen, drive wiped and it won’t do anything to stop it.
RE: RE: No Love for Malwarebytes  
mvftw : 9/23/2024 3:25 pm : link
In comment 16621483 Jim in Fairfax said:
Quote:
In comment 16621437 mvftw said:


Quote:


It's Good and Free (you can pay for it)...


It doesn’t provide any real-time protection. You can get infected, data stolen, drive wiped and it won’t do anything to stop it.


Is that a fact for the pay version?
RE: RE: RE: No Love for Malwarebytes  
Jim in Fairfax : 9/23/2024 3:46 pm : link
In comment 16621531 mvftw said:
Quote:
In comment 16621483 Jim in Fairfax said:


Quote:


In comment 16621437 mvftw said:


Quote:


It's Good and Free (you can pay for it)...


It doesn’t provide any real-time protection. You can get infected, data stolen, drive wiped and it won’t do anything to stop it.



Is that a fact for the pay version?

The paid version provides real-time protection. I was responding to your “good and free”.
Microsoft  
State Your Name : 9/23/2024 4:03 pm : link
Windows
RE: RE: Defender can be attacked...  
D HOS : 9/23/2024 6:34 pm : link
In comment 16621285 Jim in Fairfax said:
Quote:
In comment 16621248 D HOS said:


Quote:


I watched a presentation at Black Hat last year where a researcher wrote a script that downloaded a Microsoft update for Defender, unpacked it, modified it to ignore signatures for certain malware, then "patch" Defender with that update. It worked. He then introduced that malware which was not detected, and he was able to create back door remote access, run other malicious code...

Then he did the opposite, he "patched" Defender to recognize many windows processes as "malware" and basically destroyed Windows, as everything Windows did was being blocked by Defender.

That is a typical Microsoft issue. More specialized anti-malware packages from established security companies likely do not have so basic a flaw.

Norton and McAfee, avoid those under all circumstances. They are bloated overpriced underperforming products marketed toward your grandparents who don't know any better.


And Microsoft quickly patched Defender to eliminate that vulnerability. If you think the paid ones can’t be exploited you’re fooling yourself.


Yes, they did. I believe they patched it before the presentation was given. Did you see that presentation as well? If I remember correctly, the researcher described a few similar ways to manipulate Defender and that it would be hard to block them all, unless MS changes how it packages and delivers updates. He claimed, think I recall, that his technique was still valid, just need to tweak it a bit to get around the specific fix that MS engineered.

I am not so naive as to believe that paid solutions from dedicated security vendors can't be exploited, what I said was they wouldn't have flaws that basic. In my experience, Microsoft products (which I use and support daily, so I'm not anti-MS) due to their complexity and legacy support, have tons of flaws, often basic ones. 3rd party security applications have their flaws, but relatively few, and generally not both basic (easily exploitable) and critical (severe consequences).
BRAVE  
Simms : 9/23/2024 8:19 pm : link
Consider using the Brave brouser for another layer of protection.
Back to the Corner